DFS Cyber Regulation Gets Public Airing in Albany

Just weeks before the Cuomo administration’s “first-in-the-nation” cybersecurity regulation is scheduled to go into effect, the New York State Assembly Standing Committee on Banks will open a public hearing on Monday, December 19th into the controversial plan to require financial institutions that operate in New York to comply with a series of strict – and in some cases, unprecedented – data security measures.

According to the public notice, the hearing “seeks to explore the cybersecurity needs of banking institutions to protect both individuals and such institutions from cyber threats.”

The cybersecurity regulation was proposed in September 2016 by the New York Department of Financial Services – DFS – after conducting a series of industry studies. Since then, the regulation has meet with harsh criticism by industry groups. In public comments filed last month, industry alliances have called the regulation “practically unworkable or technically infeasible,” and have pleaded with DFS to tone down the detailed requirements, allow for a longer phase-in period and permit institutions to exercise more discretion on how best to protect their customers and IT networks.

DFS Superintendent Maria Vullo will not appear at the hearing according to her spokesman.